Ethos Audit — Coffee Beans

Ethos Project
3 min readApr 26, 2022

This Audit was conducted Ethos development teams. The following summarizes the details of the full Audit report provided to the client, the Coffee Beans project. You can find the smart contract here on BSCScan.

Overall audit result: PASS (1 unresolved issue)

Ethos’ audit of the Coffee Beans smart contract has concluded with a PASSING result with the 1 unresolved medium-risk issue.

Coffee Beans team has produced a smart contract that adheres to the security measures known to reduce risks among known EVM/Solidity smart contract external attack vectors. However, they have chosen to leave a medium-risk issue unresolved which causes a significant centralization of referral bonuses within the marketing wallet.

For the full detailed audit, click here.

Result Summary

Ethos‘ audit of the Coffee Beans smart contract has concluded with a PASSING result, meaning the contract is largely safe from external threats but users funds are at the mercy of the team’s decision related to the significant referral bonuses collected by the marketing wallet. The initial review identified a number of informational issues, and 2 medium-risk issues, most of which have since been resolved except for the ones reported below. The remaining report includes all issues identified in the initial review, as well as the revised status post resolution by the team if applicable.

  • The smart contract is a variant of the ‘miner‘ meta, but not a fork of the typical miner codebase
  • It allows users to deposit network native tokens into the contract which are locked on deposit and redistributed to users over time
  • The rate of redistributions approximately 8% daily and varies based on the rate of increase of total value locked
  • There is a referral bonus distributed to referrers of approximately 12.5%
  • The marketing wallet does accumulate all the referrals where one is not explicitly provided, causing risk of centralization of referral bonuses due to an additional 12.5% deposit fee taken for marketing
  • There is a 3% dev fee and a 3% marketing fee applied on all deposits and withdrawals, and an additional 12.5% marketing fee only on deposits made without a referral link
  • The contract cannot be closed or shut off at any point after deployment
  • While there were a couple of medium-risk issues present in the contract, the Coffee Beans team decided to leave them unresolved or be transparent to users

To conclude, this smart contract does what it is designed to. However, since the marketing wallet accumulates a significant amount of referral bonuses, it can potentially drain the contract over time.

Please see the full detailed audit report here for more information.

About Coffee Beans

A decentralized BNB miner Rewards Pool dApp built on the BSC network that offers users the chance to access financial freedom with its simplicity. Enjoy while you see your BNB tokens grow everyday!

Website: https://www.coffeebeans.farm/
Telegram: https://t.me/coffeebeansfarm
Twitter: https://twitter.com/coffeebeansfarm
Docs: https://coffeebeansfarm.gitbook.io/coffee-beans/
Discord: https://discord.gg/3MR6XduYK5
Contract: https://bscscan.com/address/0x61654f090f5eb0e851047403b6689d356a9ba09d#code

About Ethos

Ethos is a a wholistic crypto services organization which specializes in bringing additional security to the crypto space by applying a proven and standardized approach to token and platform smart contract auditing.

Ethos’ team of experienced developers bring decades of development and code auditing history from the traditional software development world.

The code review conducted for Ethos audits follow the following structure:

  1. Review of specifications, documentation to assess smart contract functionality
  2. Manual, line-by-line review of code
  3. Code’s adherence to functionality as presented by documentation
  4. Automated tool-driven review of smart contract functionality
  5. Assess adherence to best practices
  6. Provide actionable recommendations

Website: https://www.ethosproject.io/
Telegram: https://t.me/TheEthosProject
Twitter: https://twitter.com/EthosProjectBSC

--

--